I'm unable to access any non-trusted web sites when using FortiOS (v5.0.5) SSL VPN.
This appears to only occur with IE 10 in Enhanced Protected Mode (EPM).
I'm running Win 8 64-bit (not sure if that makes a difference).
No issues with Firefox, strangely.
The test system is an Active Directory joined system.
When un-joined to the domain, all is fine.
There do not appear to be any MS Group Policy settings that affect the domain in this way.
Without the VPN, I can access sites w/o issue.
Without EPM enabled, I can access sites w/o issue.
Working with Fortigate support, debugging shows the packets reaching the Fortigate
VPN (FG200B running FortiOS v5.0.5 in NAT mode) with EPM disabled. No packets
are seen reaching the VPN with EPM enabled.
Google searches on this issue report other vendors' VPN solutions having the same/similar issues.
Q: Has anyone experienced this?
Q: Has anyone arrived at a solution?
Many, many thanks in advance.
Unfortunately, EPM is not explained very well in all of its capabilities under certain conditions. However, the issue you see is likely that EPM functionality depends on network location awareness (public, home, work networks). The SSL VPN connection changes the network location and, from the little information that is available so far, Windows Firewall then blocks certain connections.
In 8.1/IE11 EPM was enabled by default until MS13-088, when this was reverted.